package com.woniu.park.component;

import com.alibaba.druid.pool.DruidDataSource;

import com.woniu.park.dao.UserMapper;
import com.woniu.park.entity.User;
import com.woniu.park.service.IUserService;
import com.woniu.park.util.EncryptUtil;
import lombok.extern.slf4j.Slf4j;
import org.apache.shiro.SecurityUtils;
import org.apache.shiro.authc.AuthenticationException;
import org.apache.shiro.authc.AuthenticationInfo;
import org.apache.shiro.authc.AuthenticationToken;
import org.apache.shiro.authc.SimpleAuthenticationInfo;
import org.apache.shiro.authz.AuthorizationInfo;
import org.apache.shiro.authz.SimpleAuthorizationInfo;
import org.apache.shiro.realm.AuthorizingRealm;
import org.apache.shiro.subject.PrincipalCollection;
import org.apache.shiro.util.ByteSource;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.jdbc.core.BeanPropertyRowMapper;
import org.springframework.jdbc.core.JdbcTemplate;
import org.springframework.jdbc.core.SingleColumnRowMapper;

import javax.servlet.http.HttpSession;
import java.util.HashSet;
import java.util.List;
import java.util.Set;

/*
 * @version: V1.0
 * @author: 陈小宝
 * @className: DBRealm
 * @packageName: com.woniu.cq.component
 * @description:
 * @data: 2020-09-01 18:49
 */


@Slf4j
public class DBRealm extends AuthorizingRealm {
    @Autowired
    private UserMapper userMapper;
    //构造块里编写数据源信息
    private JdbcTemplate jdbcTemplate;
    {
        DruidDataSource dataSource = new DruidDataSource();
        dataSource.setUrl("jdbc:mysql://120.24.20.19:3306/sharepark?useUnicode=true&characterEncoding=utf-8");
        dataSource.setUsername("CC");
        dataSource.setPassword("123456");
        dataSource.setDriverClassName("com.mysql.jdbc.Driver");
        jdbcTemplate = new JdbcTemplate(dataSource);
    }


    /*
     * 授权信息
     * @param principalCollection
     * @return
     */


    @Override
    protected AuthorizationInfo doGetAuthorizationInfo(PrincipalCollection principalCollection) {
        //获得用户
        User user = (User)principalCollection.getPrimaryPrincipal();
        Set<String> roles = userMapper.findRoleById(user.getUserId());
        log.info(user.getUserName()+"角色："+roles);

        Set<String> perm = userMapper.findPermById(user.getUserId());
        log.info(user.getUserName()+"权限："+perm);
        SimpleAuthorizationInfo simpleAuthorizationInfo = new SimpleAuthorizationInfo();
        simpleAuthorizationInfo.setRoles(roles);
        simpleAuthorizationInfo.setStringPermissions(perm);
        return simpleAuthorizationInfo;
    }

    /*
     * 执行验证
     * @param token
     * @return
     * @throws AuthenticationException
     */


    @Override
    protected AuthenticationInfo doGetAuthenticationInfo(AuthenticationToken token) throws AuthenticationException {
        //TODO 判断用户账户是否锁定
        /*返回值SimpleAuthenticatoinInfo
         * principal 主体 用户
         * credentials 密码
         * realm的名称code
         */
        log.info("进入验证:{}", token.getPrincipal());
        //发请求到数据库
        User user = userMapper.selectTel(((String) token.getPrincipal()));
        //System.out.println("user:"+user);
        //判断用户账号信息
        if(user==null){
            throw new AuthenticationException("用户名或密码不正确");
        }
        if (user.getUserMessageStatus()==2){
            //密码登录
            String salt = user.getUserSault();
                  // String saltPassword = EncryptUtil.encrypt(user.getUserPassword(), user.getUserSault());
            System.out.println("数据库密码："+user.getUserPassword());
            System.out.println("数据库盐："+salt);
            System.out.println("输入校验密码："+ ByteSource.Util.bytes(salt));
            return new SimpleAuthenticationInfo(user,user.getUserPassword(), ByteSource.Util.bytes(salt),getName());
        }else{
           String sessionCode = (String) SecurityUtils.getSubject().getSession().getAttribute("code");
            //短信登录
            return new SimpleAuthenticationInfo(user, EncryptUtil.encrypt(sessionCode), getName());
        }
    }


}
